Open Source and information security mailing list archives
 
Date:	Sun, 18 Jan 2009 21:25:49 +0100 (CET)
From:	Bodo Eggert <7eggert@....de>
To:	Evgeniy Polyakov <zbr@...emap.net>
cc:	Bodo Eggert <7eggert@....de>, Alan Cox <alan@...rguk.ukuu.org.uk>,
	Dave Jones <davej@...hat.com>, linux-kernel@...r.kernel.org,
	Andrew Morton <akpm@...ux-foundation.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>
Subject: Re: [why oom_adj does not work] Re: Linux killed Kenny, bastard!

On Sun, 18 Jan 2009, Evgeniy Polyakov wrote:
> On Sun, Jan 18, 2009 at 01:37:09PM +0100, Bodo Eggert (7eggert@....de) wrote:

> > How many different CGI handlers are you going to have?
> 
> CGIs are usually limited, application server is not.
> 
> > And how does kill-kenny scale with the number of users on the system?
> > I want my browser not to be killed, while the other user wants his
> > gimp not to be killed. As you can see, it does not even scale for
> > the most simple multi-user system.
> 
> It is not about who should not be killed, but who should _be_ in the
> first row.

If it comes to the killing, it will start with the first row, or using your 
patch, with the only man in the first row, named kenny. Now imagine a 
phalanx of spawned kennies protecting a running-wild application from being 
killed ...

If you set the oom_adj to mark the goat under normal conditions, the system 
will adjust itself to abnormal conditions.

> > > No, admin will limit/forbid the connection from the DoSing clients,
> > > server must always live to handle proper users.
> > 
> > If there is no memory, the admin can't even log in.
> 
> Admin can observe the situation via kvm or sometimes netconsole and
> tune the system for the next run.

So your kill-kenny does not only require having exactly one goat system-wide 
and no process having the same process name, but also constant supervision.
I think it's a really great design!
-- 
Whenever you have plenty of ammo, you never miss. Whenever you are low on
ammo, you can't hit the broad side of a barn.